Procedures for administrative operations of a cloud computing environment.Virtual machine hardening requirements to meet business needs.Protection and separation of a customer's virtual environment from environments of other customers.Removal and return of cloud service customer assets upon contract termination.Shared roles and responsibilities within a cloud computing environment.These new controls address the following important areas: Specifically, this standard provides guidance on 37 controls in ISO/IEC 27002:2013, and it also features seven new controls that aren't duplicated in ISO/IEC 27002:2013. This international standard provides additional cloud-specific implementation guidance based on ISO/IEC 27002:2013, and provides additional controls to address cloud-specific information security threats and risks as detailed in clauses 5-18 in ISO/IEC 27002:2013 for controls, implementation guidance, and other information. It can also be used by cloud service providers as a guidance document for implementing commonly accepted protection controls. The ISO/IEC 27017:2015 code of practice is designed for organizations to use as a reference for selecting cloud services information security controls when implementing a cloud computing information security management system based on ISO/IEC 27002:2013. In this article ISO/IEC 27017:2015 overview
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |